Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes


Cyberattackers can totally take over a Kubernetes pod to steal data and introduce malware by bypassing the Kyverno security mechanism for container image imports. The Kyverno admittance controller for container images has a high-severity security flaw that might let hostile actors import a wide variety of harmful code into cloud production environments.

A signature-verification technique is provided by the Kyverno admission controller to make sure that only signed, verified container images are being fetched into a specific Kubernetes cluster. This can prevent a variety of negative results.

Read More…